Nope, not really. The only reason ppl recommend it is, because “you have then to guess the username too”. Which is just not relevant if you use strong authentication method like keys or only strong passwords.
least privilege: Which is ok, but on a Server any modification you do requires root anyway, there is usually very little benefit
Additional protection through required sudo password: This is for example easily circumvented by modifying the bashrc or similar with an sudo alias to get the password
Multiuser & audittrails: yes this is a valid point, on a system that is modified or administered by multiple ppl there are various reasons lime access logging and UAC for that
Nope, not really. The only reason ppl recommend it is, because “you have then to guess the username too”. Which is just not relevant if you use strong authentication method like keys or only strong passwords.
Don’t quit your day job.
Most comments here suggest 3 things
An actual person from the pen testing world: https://youtu.be/fKuqYQdqRIs